CVE-2010-1359
published 2010-04-13CVE-2010-1359: SQL injection vulnerability in bluegate_seo.inc.php in the Direct URL module for xt:Commerce, when magic_quotes_gpc is disabled, allows remote attackers to…
PriorityP432medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
1.11%
61.8th percentile
SQL injection vulnerability in bluegate_seo.inc.php in the Direct URL module for xt:Commerce, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the coID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xt-commerce | xt-commerce | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Internet Explorer - 'createTextRange()' Code Execution (MS06-013) (Metasploit)
exploitdb·2010-09-20
CVE-2006-1359 Microsoft Internet Explorer - 'createTextRange()' Code Execution (MS06-013) (Metasploit)
Microsoft Internet Explorer - 'createTextRange()' Code Execution (MS06-013) (Metasploit)
---
##
# $Id: ms06_013_createtextrange.rb 10394 2010-09-20 08:06:27Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'Internet Explorer createTextRange() Code Execution',
'Description' => %q{
This module exploits a code execution vulnerability in Microsoft Internet Explorer.
Both IE6 and IE7 (Beta 2) are vulnerable. It will corrupt memory in a way, which, under
certain circumstances, can lead to an invalid/corrupt table pointer dereference. EIP w
Exploit-DB
PuTTy.exe 0.53 - Remote Buffer Overflow (Metasploit)
exploitdb·2010-06-15
CVE-2002-1359 PuTTy.exe 0.53 - Remote Buffer Overflow (Metasploit)
PuTTy.exe 0.53 - Remote Buffer Overflow (Metasploit)
---
##
# $Id: putty_msg_debug.rb 9525 2010-06-15 07:18:08Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
class Metasploit3 'PuTTy.exe %q{
This module exploits a buffer overflow in the PuTTY SSH client that is triggered
through a validation error in SSH.c.
},
'Author' => 'MC',
'License' => MSF_LICENSE,
'Version' => '$Revision: 9525 $',
'References' =>
[
[ 'CVE', '2002-1359' ],
[ 'OSVDB', '8044'],
[ 'URL', 'http://www.rapid7.com/advisories/R7-0009.html' ],
[ 'BID', '6407'],
],
'DefaultOptions' =>
{
'EXITFUNC' => 'proce
2010-04-13
Published